Expensive mistakes with CEO Fraud

CEO Fraud – with a humorous twist
The video clip is a 40 second excerpt from a cartoon video of 1:30 minute duration.

CEO fraud is an increasingly common and viciously clever way of attacking a company with fake e-mails, where the IT criminal pretends to be, for example, the director of the company. With the director’s signature, an e-mail is sent to employees in the company, encouraging them to transfer money or send confidential documents urgently.

More and more companies fall into the CEO fraud trap and are being ripped off for large sums by IT criminals.  Police have issued warnings to companies directly, especially to those companies which are trading internationally.  We know of companies where an employee fell for the scam and transferred over $15,000 to the IT criminals. 

The fraudsters have carefully investigated when and how this attack can be carried out successfully and are well prepared.

Awareness is key

We would like to see your company avoid this kind of fraud. The only way to do that is through awareness training of the company’s employees. This video, along with an accompanying quiz and graphic materials, is produced for the employees in companies and organisations.

Example case

  • The fraudsters select one of your suppliers. They hack the supplier’s mailbox, monitor correspondence and copy what they need. They also create a domain name and an email address that is as similar to the provider as possible, so that your employees won’t notice the difference.
  • When ready they will send you an invoice which is similar to the ones you usually get from this supplier. Fake invoices are easy to produce and language barriers are no longer an obstacle, because of translation software.
  • There are different variants of this fraud, and they have a common weakness: the new account number which obviously is the fraudster’s number.
  • If employees don’t notice the subtly different email address and question the account number they will unknowingly correspond with the cybercriminals behind the attack, who will, of course, inform them that it’s correct and the account number has been changed – and accordingly, employees will transfer money in good faith to a wrong account.
  • If it does happen to you contact your bank immediately and explain that you have made an error and have transferred money to the wrong recipient. Maybe you’re lucky enough to get your money back.

 
Employees must be aware of fraud, can spot the warning signs and call a known person at the supplier to check whether the invoice is legitimate.

Image

Humorous cartoon series: BIG money at stake

The film is part of ‘Humour against hacking’ – an effective awareness campaign for employees, which can be used in all types of companies and organisations in order to prevent becoming victim of an IT crime.
 
‘Humour against hacking’ inspires and teaches employees how they can help secure the organisation against attacks.

Employee awareness is key to prevent becoming a victim of IT crime
  • Video series

    Nine effective and humous training cartoons to increase employee awareness plus new cartoons and other information two or three times a year as new topics become relevant.

    See the full cartoon list

  • Awareness campaign

    The Humour Against Hacking campaign for your employees includes videos, quizzes, promotional material, campaign content and guide.

    Learn more about the campaign